"Volume of Opaque Breach Notices Surges in Q1"

According to the Identity Theft Resource Center (ITRC), the volume of US data breaches fell in Q1 2023, but the number of notices with no actionable information contained within grew by 20% from the previous quarter.  The ITRC is a non-profit that tracks publicly reported data breaches and leaks in the US and has been dismayed by the growing reluctance of breached firms to share important information about incidents.  The ITRC argued that this means that those impacted can’t make accurate assessments about the risk of data compromise and what actions they should take following a breach involving their data.  The number of data breaches with no actionable information about the root cause of the compromise grew from just five in Q1 2021 to 155 a year later and 187 in Q1 2023.  Eva Velasquez, president, and CEO of the ITRC stated that it is troubling to see the trend of a lack of actionable information in data breaches continue from 2022.  Velasquez said that among the top ten breaches they saw in Q1, 60% did not include information about the root cause of the event, compared to 40% in Q4 2022.  This means individuals and businesses remain at a higher risk of cyberattacks and data compromises.  Last year, the ITRC claimed that only a third (34%) of breach notices included both victim and attack details, the lowest figure in five years and a 50% decline from 2019.  The total number of reported breaches declined 13% from the previous quarter to 445 for the first three months of 2023.  The number of victims decreased by 65% to 89 million.  The ITRC noted that healthcare topped the list of most breached sectors for the third consecutive quarter, followed close behind by financial services.  Incidents in the manufacturing and utilities, technology, healthcare, and transportation sectors impacted the most people.  Velasquez claimed that the number of victims and compromises usually falls in Q1 each year.

Infosecurity reports: "Volume of Opaque Breach Notices Surges in Q1"